Vulnerabilities > CVE-2003-0109 - Unspecified vulnerability in Microsoft Windows 2000 and Windows 2000 Terminal Services
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 8 |
Exploit-Db
description Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (1). CVE-2003-0109. Remote exploit for windows platform id EDB-ID:22365 last seen 2016-02-02 modified 2003-03-24 published 2003-03-24 reporter mat source https://www.exploit-db.com/download/22365/ title Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability 1 description Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (3). CVE-2003-0109. Remote exploit for windows platform id EDB-ID:22367 last seen 2016-02-02 modified 2003-04-04 published 2003-04-04 reporter Morning Wood source https://www.exploit-db.com/download/22367/ title Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability 3 description MS Windows WebDAV (ntdll.dll) Remote Exploit. CVE-2003-0109. Remote exploit for windows platform id EDB-ID:1 last seen 2016-01-31 modified 2003-03-23 published 2003-03-23 reporter kralor source https://www.exploit-db.com/download/1/ title Microsoft Windows WebDAV - ntdll.dll Remote Exploit description Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow. CVE-2003-0109. Remote exploit for windows platform id EDB-ID:16470 last seen 2016-02-01 modified 2010-07-25 published 2010-07-25 reporter metasploit source https://www.exploit-db.com/download/16470/ title Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow description MS Windows WebDav III remote root Exploit (xwdav). CVE-2003-0109. Remote exploit for windows platform id EDB-ID:51 last seen 2016-01-31 modified 2003-07-08 published 2003-07-08 reporter Schizoprenic source https://www.exploit-db.com/download/51/ title Microsoft Windows WebDav III - Remote Root Exploit xwdav description MS Windows WebDAV Remote PoC Exploit. CVE-2003-0109. Remote exploit for windows platform id EDB-ID:2 last seen 2016-01-31 modified 2003-03-24 published 2003-03-24 reporter RoMaNSoFt source https://www.exploit-db.com/download/2/ title Microsoft Windows WebDAV - Remote PoC Exploit description MS Windows WebDav II (New) Remote Root Exploit. CVE-2003-0109. Remote exploit for windows platform id EDB-ID:36 last seen 2016-01-31 modified 2003-06-01 published 2003-06-01 reporter alumni source https://www.exploit-db.com/download/36/ title Microsoft Windows WebDav II - Remote Root Exploit 2 description Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (2). CVE-2003-0109. Remote exploit for windows platform id EDB-ID:22366 last seen 2016-02-02 modified 2003-03-31 published 2003-03-31 reporter ThreaT source https://www.exploit-db.com/download/22366/ title Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability 2 description Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability (4). CVE-2003-0109. Remote exploit for windows platform id EDB-ID:22368 last seen 2016-02-02 modified 2003-03-17 published 2003-03-17 reporter [email protected] source https://www.exploit-db.com/download/22368/ title Microsoft Windows XP/2000/NT 4 ntdll.dll Buffer Overflow Vulnerability 4
Metasploit
| description | This exploits a buffer overflow in NTDLL.dll on Windows 2000 through the SEARCH WebDAV method in IIS. This particular module only works against Windows 2000. It should have a reasonable chance of success against any service pack. |
| id | MSF:EXPLOIT/WINDOWS/IIS/MS03_007_NTDLL_WEBDAV |
| last seen | 2020-01-10 |
| modified | 2017-07-24 |
| published | 2007-03-01 |
| references | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0109 |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/iis/ms03_007_ntdll_webdav.rb |
| title | MS03-007 Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow |
Nessus
NASL family Web Servers NASL id IIS_WEBDAV_OVERFLOW.NASL description The remote WebDAV server is vulnerable to a buffer overflow when it receives a too long request. An attacker may use this flaw to execute arbitrary code within the LocalSystem security context. last seen 2020-06-01 modified 2020-06-02 plugin id 11412 published 2003-03-18 reporter This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/11412 title Microsoft IIS WebDAV ntdll.dll Remote Overflow (MS03-007) NASL family Windows : Microsoft Bulletins NASL id SMB_NT_MS03-007.NASL description The remote version of Windows contains a buffer overflow in the Windows kernel, that could allow an attacker to execute arbitrary code on the remote host with SYSTEM privileges. For example this vulnerability can be exploited through the WebDAV component of IIS 5.0. A public exploit is available. last seen 2020-06-01 modified 2020-06-02 plugin id 11413 published 2003-03-18 reporter This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/11413 title MS03-007: Unchecked Buffer in ntdll.dll (815021)
Oval
| accepted | 2011-05-16T04:00:17.953-04:00 | ||||||||||||||||
| class | vulnerability | ||||||||||||||||
| contributors |
| ||||||||||||||||
| description | Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0. | ||||||||||||||||
| family | windows | ||||||||||||||||
| id | oval:org.mitre.oval:def:109 | ||||||||||||||||
| status | accepted | ||||||||||||||||
| submitted | 2003-10-10T12:00:00.000-04:00 | ||||||||||||||||
| title | Windows ntdll.dll Buffer Overflow | ||||||||||||||||
| version | 67 |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/83237/ms03_007_ntdll_webdav.rb.txt |
| id | PACKETSTORM:83237 |
| last seen | 2016-12-05 |
| published | 2009-11-26 |
| reporter | H D Moore |
| source | https://packetstormsecurity.com/files/83237/Microsoft-IIS-5.0-WebDAV-ntdll.dll-Path-Overflow.html |
| title | Microsoft IIS 5.0 WebDAV ntdll.dll Path Overflow |
Saint
| bid | 7116 |
| description | ntdll.dll buffer overflow via IIS 5.0 WebDAV |
| id | win_patch_ntdll,web_server_iis_webdav |
| osvdb | 4467 |
| title | iis5_webdav |
| type | remote |
Seebug
| bulletinFamily | exploit |
| description | No description provided by source. |
| id | SSV:5197 |
| last seen | 2017-11-19 |
| modified | 2006-10-24 |
| published | 2006-10-24 |
| reporter | Root |
| source | https://www.seebug.org/vuldb/ssvid-5197 |
| title | MS Windows WebDAV Remote PoC Exploit |
References
- http://www.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=22029
- http://www.cert.org/advisories/CA-2003-09.html
- http://www.iss.net/security_center/static/11533.php
- http://www.securityfocus.com/bid/7116
- http://www.nextgenss.com/papers/ms03-007-ntdll.pdf
- http://www.kb.cert.org/vuls/id/117394
- http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B&displaylang=en
- http://marc.info/?l=bugtraq&m=104869293619064&w=2
- http://marc.info/?l=bugtraq&m=104887148323552&w=2
- http://marc.info/?l=bugtraq&m=105768156625699&w=2
- http://marc.info/?l=bugtraq&m=104861839130254&w=2
- http://marc.info/?l=bugtraq&m=104826476427372&w=2
- http://marc.info/?l=ntbugtraq&m=104826785731151&w=2
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A109
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-007
- http://support.microsoft.com/default.aspx?scid=kb%3B%5BLN%5D%3BQ815021